SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Monday, November 30, 2009

Real Security Is Threat-Centric

Posted on 4:39 PM by Unknown
Apparently there's been a wave of house burglaries in a nearby town during the last month. As you might expect, local residents responded by replacing windows with steel panels, front doors with vault entrances, floors with pressure-sensitive plates, and whatever else "security vendors" recommended. Town policymakers created new laws to mandate locking doors, enabling alarm systems, and creating scorecards for compliance. Home builders decided they needed to adopt "secure building" practices so all these retrofitted measures were "built in" future homes.

Oh wait, this is the real world! All those vulnerability-centric measures I just described are what too many "security professionals" would recommend. Instead, police identified the criminals and arrested them. From Teen burglary ring in Manassas identified:

Two suspects questioned Friday gave information about the others, police said.

Now this crew is facing prosecution. That's a good example of what we need to do in the digital world: enable and perform threat-centric security. We won't get there until we have better attribution, and interestingly enough attribution is the word I hear most often from people pondering improvements in network security.
Email ThisBlogThis!Share to XShare to Facebook
Posted in threats | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Review of Intelligence, 4th Ed Posted
    Amazon.com just posted my five star review of Intelligence: From Secrets to Policy, 4th Ed by Mark Lowenthall . From the review : I was a...
  • Practice of Network Security Monitoring Table of Contents
    Since many of you have asked, I wanted to provide an updated Table of Contents for my upcoming book, The Practice of Network Security Monito...
  • Review of Robust Control System Networks Posted
    Amazon.com just posted my five star review of Robust Control System Networks by Ralph Langner . From the review : I am not an industrial ...
  • Bejtlich Teaching at Black Hat West Coast Trainings
    I'm pleased to announce that I will be teaching at  Black Hat West Coast Trainings  9-10 December 2013 in Seattle, Washington. This is a...
  • Bejtlich's Thoughts on "Why Our Best Officers Are Leaving"
    Twenty-two years ago today I flew to Colorado Springs, CO and reported for Basic Cadet Training with the class of 1994 at the United States ...
  • Risk Modeling, not "Threat Modeling"
    Thanks to the great new book Metasploit (review pending), I learned of the Penetration Testing Execution Standard . According to the site,...
  • Mandiant APT1 Report: 25 Best Commentaries of the Last 12 Days
    Two weeks ago today our team at Mandiant was feverishly preparing the release of our APT1 report . In the twelve days that followed public...
  • Tort Law on Negligence
    If any lawyers want to contribute to this, please do. In my post Shodan: Another Step Towards Intrusion as a Service , some comments claim ...
  • Bejtlich Teaching at Black Hat DC 2011
    Over the holiday break I've been putting the finishing touches on TCP/IP Weapons School 3.0 , to be presented first at Black Hat DC 2011...
  • Happy 7th Birthday TaoSecurity Blog
    Today, 8 January 2010, is the 7th birthday of TaoSecurity Blog . I wrote my first post on 8 January 2003 while working as an incident resp...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ►  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ►  August (18)
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ►  March (17)
    • ►  February (2)
    • ►  January (9)
  • ►  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ►  September (16)
    • ►  August (15)
    • ►  July (26)
    • ►  June (15)
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ►  January (25)
  • ▼  2009 (123)
    • ►  December (10)
    • ▼  November (17)
      • Real Security Is Threat-Centric
      • Celebrate FreeBSD 8.0 Release with Donation
      • Historical Video on AFCERT circa 2000
      • Tort Law on Negligence
      • Review of Martin Libicki's Cyberdeterrence and Cyb...
      • Shodan: Another Step Towards Intrusion as a Service
      • I'm Surprised That Your Kung Fu Is So Expert
      • Control "Monitoring" is Not Threat Monitoring
      • Audio of Bejtlich Presentation on Network Security...
      • Traffic Talk 8 Posted
      • Extending Security Event Correlation
      • Embedded Hardware and Software Pen Tester Position...
      • Reaction to 60 Minutes Story
      • Notes from Talk by Michael Hayden
      • Bejtlich on Security Justice Podcast
      • DojoCon Videos Online
      • Tentative Speaker List for SANS Incident Detection...
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ►  July (21)
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile